[PATCH] cpu_map: Add libcpuinfo as optional data source
by Tim Wiederhake
This adds an option to use libcpuinfo [1] as data source for
libvirt's list of x86 cpu features. This is purely optional and
does not change the script's behavior if libcpuinfo is not
installed.
libcpuinfo is a cross-vendor, cross-architecture source for CPU
related information that has the capability to replace libvirt's
dependence on qemu's cpu feature list.
[1] https://gitlab.com/twiederh/libcpuinfo
Signed-off-by: Tim Wiederhake <twiederh(a)redhat.com>
---
src/cpu_map/libcpuinfo_aliases.xml | 75 +++++++++++++++++++++++++
src/cpu_map/sync_qemu_features_i386.py | 77 +++++++++++++++++++++++---
2 files changed, 145 insertions(+), 7 deletions(-)
create mode 100644 src/cpu_map/libcpuinfo_aliases.xml
diff --git a/src/cpu_map/libcpuinfo_aliases.xml b/src/cpu_map/libcpuinfo_aliases.xml
new file mode 100644
index 0000000000..75d243fead
--- /dev/null
+++ b/src/cpu_map/libcpuinfo_aliases.xml
@@ -0,0 +1,75 @@
+<!--
+ libvirt uses slightly different names for some cpu features than other
+ software does. Install this file into libcpuinfo's alias directory
+ (e.g. /usr/share/libcpuinfo/aliases/libvirt.xml) to have libcpuinfo
+ automatically translate feature names into the names libvirt uses.
+-->
+
+<external_aliases>
+ <external_alias>
+ <type>feature</type>
+ <canonical>pclmulqdq</canonical>
+ <name>pclmuldq</name>
+ <domain>libvirt</domain>
+ </external_alias>
+ <external_alias>
+ <type>feature</type>
+ <canonical>ds-cpl</canonical>
+ <name>ds_cpl</name>
+ <domain>libvirt</domain>
+ </external_alias>
+ <external_alias>
+ <type>feature</type>
+ <canonical>sse4-1</canonical>
+ <name>sse4.1</name>
+ <domain>libvirt</domain>
+ </external_alias>
+ <external_alias>
+ <type>feature</type>
+ <canonical>sse4-2</canonical>
+ <name>sse4.2</name>
+ <domain>libvirt</domain>
+ </external_alias>
+ <external_alias>
+ <type>feature</type>
+ <canonical>tsc-adjust</canonical>
+ <name>tsc_adjust</name>
+ <domain>libvirt</domain>
+ </external_alias>
+ <external_alias>
+ <type>feature</type>
+ <canonical>lahf-lm</canonical>
+ <name>lahf_lm</name>
+ <domain>libvirt</domain>
+ </external_alias>
+ <external_alias>
+ <type>feature</type>
+ <canonical>cmp-legacy</canonical>
+ <name>cmp_legacy</name>
+ <domain>libvirt</domain>
+ </external_alias>
+ <external_alias>
+ <type>feature</type>
+ <canonical>nodeid-msr</canonical>
+ <name>nodeid_msr</name>
+ <domain>libvirt</domain>
+ </external_alias>
+ <external_alias>
+ <type>feature</type>
+ <canonical>perfctr-core</canonical>
+ <name>perfctr_core</name>
+ <domain>libvirt</domain>
+ </external_alias>
+ <external_alias>
+ <type>feature</type>
+ <canonical>perfctr-nb</canonical>
+ <name>perfctr_nb</name>
+ <domain>libvirt</domain>
+ </external_alias>
+ <external_alias>
+ <type>feature</type>
+ <canonical>fxsr-opt</canonical>
+ <name>fxsr_opt</name>
+ <domain>libvirt</domain>
+ </external_alias>
+</external_aliases>
diff --git a/src/cpu_map/sync_qemu_features_i386.py b/src/cpu_map/sync_qemu_features_i386.py
index e4b1f7275a..3b3ad5a643 100755
--- a/src/cpu_map/sync_qemu_features_i386.py
+++ b/src/cpu_map/sync_qemu_features_i386.py
@@ -4,6 +4,11 @@ import argparse
import os
import re
+try:
+ import pycpuinfo
+except ImportError:
+ pycpuinfo = None
+
# features in qemu that we do not want in libvirt
FEATURES_IGNORE = (
@@ -22,6 +27,7 @@ FEATURES_IGNORE = (
"kvm-steal-time",
"kvmclock",
"kvmclock-stable-bit",
+ "kvmclock2",
"xstore",
"xstore-en",
@@ -295,6 +301,53 @@ def add_feature_qemu(query, data):
add_feature_cpuid(eax, ecx, reg, bit, name)
+def add_features_cpuinfo():
+ def decode_bit(value):
+ for i in range(0, 64):
+ if value == (1 << i):
+ return i
+
+ def decode_cpuid(v):
+ if v[0] != 0 and v[1] == 0 and v[2] == 0 and v[3] == 0:
+ reg, val = "eax", v[0]
+ if v[0] == 0 and v[1] != 0 and v[2] == 0 and v[3] == 0:
+ reg, val = "ebx", v[1]
+ if v[0] == 0 and v[1] == 0 and v[2] != 0 and v[3] == 0:
+ reg, val = "ecx", v[2]
+ if v[0] == 0 and v[1] == 0 and v[2] == 0 and v[3] != 0:
+ reg, val = "edx", v[3]
+
+ return reg, decode_bit(val)
+
+ x86 = pycpuinfo.Family.find("x86", "")
+
+ for feature in pycpuinfo.features():
+ if feature.family() != x86:
+ continue
+
+ if list(feature.features()):
+ continue
+
+ name = feature.name("libvirt")
+ if name in FEATURES_IGNORE:
+ continue
+
+ cpuid = feature.extra_x86_cpuid()
+ if cpuid:
+ eax = cpuid[0]
+ ecx = cpuid[1]
+ if ecx == pycpuinfo.x86.CPUINFO_X86_CPUID_ECX_NONE:
+ ecx = None
+ reg, bit = decode_cpuid(cpuid[2:])
+ add_feature_cpuid(eax, ecx, reg, bit, name)
+
+ msr = feature.extra_x86_msr()
+ if msr:
+ index = msr[0]
+ bit = decode_bit(msr[1] | (msr[2] << 32))
+ add_feature_msr(index, bit, name)
+
+
# read the `feature_word_info` struct from qemu's cpu.c into a list of strings
def read_cpu_c(path):
pattern_comment = re.compile("/\\*.*?\\*/")
@@ -450,6 +503,12 @@ def main():
nargs="?",
type=os.path.realpath,
)
+ if pycpuinfo:
+ parser.add_argument(
+ "--libcpuinfo",
+ help="Use libcpuinfo as data source instead",
+ action="store_true",
+ )
parser.add_argument(
"--output",
"-o",
@@ -459,14 +518,18 @@ def main():
)
args = parser.parse_args()
- if not os.path.isdir(args.qemu):
- parser.print_help()
- exit("qemu source directory not found")
+ if pycpuinfo and args.libcpuinfo:
+ add_features_cpuinfo()
+ else:
+ if not os.path.isdir(args.qemu):
+ parser.print_help()
+ exit("qemu source directory not found")
+
+ read_headers(args.qemu)
+ lines = read_cpu_c(args.qemu)
+ parse_feature_words(lines)
+ add_extra_features()
- read_headers(args.qemu)
- lines = read_cpu_c(args.qemu)
- parse_feature_words(lines)
- add_extra_features()
write_output(args.output)
print(
--
2.43.0
5 months
[PATCH] formatstorage: Document qcow2 default version change
by Peter Krempa
Based on discussion after commit f432114d9c was pushed it was pointed
out that the documentation still mentions the older version.
Fix the documentation to state the new version and introduce ambiguity
for future updates.
Fixes: f432114d9cf507a4047aa9dc1344b1c13356db08
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
Posting this documentation update to document what happened rather than
introduce (almost pointless) complication in adding a config file which
is unlikely to be ever used.
docs/formatstorage.rst | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/docs/formatstorage.rst b/docs/formatstorage.rst
index 86e167d9cb..9d9a4143eb 100644
--- a/docs/formatstorage.rst
+++ b/docs/formatstorage.rst
@@ -700,10 +700,15 @@ host filesystem. It can contain the following child elements:
Encryption <formatstorageencryption.html>`__ page for more information.
``compat``
Specify compatibility level. So far, this is only used for ``type='qcow2'``
- volumes. Valid values are ``0.10`` and ``1.1`` so far, specifying QEMU
- version the images should be compatible with. If the ``feature`` element is
- present, 1.1 is used. :since:`Since 1.1.0` If omitted, 0.10 is used.
- :since:`Since 1.1.2`
+ volumes. Valid values are ``0.10`` (QCOW2 v2) and ``1.1`` (QCOW2 v3) so far.
+ The values were meant to specify QEMU version the images should be compatible
+ with.
+
+ The default, if the ``feature`` element is present is ``1.1``. :since:`Since 1.1.0`
+ If ``feature`` is not present, ``0.10`` was used :since:`Since 1.1.2` and
+ :since:`Since 10.2.0` ``1.1`` is used as it's the default of ``qemu-img``.
+
+ Any tool depending on a specific version should specify this field explicitly.
``nocow``
Turn off COW of the newly created volume. So far, this is only valid for a
file image in btrfs file system. It will improve performance when the file
--
2.44.0
5 months
[PATCH] security: AppArmor allow write when os loader readonly=no
by Miroslav Los
Since libvirt commit 3ef9b51b10e52886e8fe8d75e36d0714957616b7,
the pflash storage for the os loader file follows its read-only flag,
and qemu tries to open the file for writing if set so.
This patches virt-aa-helper to generate the VM's AppArmor rules
that allow this, using the same domain definition flag and default.
Signed-off-by: Miroslav Los <mirlos(a)cisco.com>
---
src/security/virt-aa-helper.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 0374581f07..2f57664a4c 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -1001,9 +1001,14 @@ get_files(vahControl * ctl)
if (vah_add_file(&buf, ctl->def->os.slic_table, "r") != 0)
goto cleanup;
- if (ctl->def->os.loader && ctl->def->os.loader->path)
- if (vah_add_file(&buf, ctl->def->os.loader->path, "rk") != 0)
+ if (ctl->def->os.loader && ctl->def->os.loader->path) {
+ bool readonly = false;
+ virTristateBoolToBool(ctl->def->os.loader->readonly, &readonly);
+ if (vah_add_file(&buf,
+ ctl->def->os.loader->path,
+ readonly ? "rk" : "rwk") != 0)
goto cleanup;
+ }
if (ctl->def->os.loader && ctl->def->os.loader->nvram) {
if (storage_source_add_files(ctl->def->os.loader->nvram, &buf, 0) < 0)
--
2.25.1
5 months, 1 week
[PATCH v3 00/17] hw/sd/sdcard: Accumulation of cleanups and fixes
by Philippe Mathieu-Daudé
Since v2:
- Tested-by from Cédric recorded
- more patches added :S
Since v1:
- various patches merged, few more added
Various SD card cleanups and fixes accumulated over
the years. Various have been useful to help integrating
eMMC support (which will come later).
Full series for testing:
https://gitlab.com/philmd/qemu/-/tags/emmc-v4
Cédric Le Goater (1):
hw/sd/sdcard: Introduce definitions for EXT_CSD register
Philippe Mathieu-Daudé (16):
hw/sd/sdcard: Deprecate support for spec v1.10
hw/sd/sdcard: Use spec v3.01 by default
hw/sd/sdcard: Track last command used to help logging
hw/sd/sdcard: Trace block offset in READ/WRITE data accesses
hw/sd/sdcard: Trace requested address computed by sd_req_get_address()
hw/sd/sdcard: Do not store vendor data on block drive (CMD56)
hw/sd/sdcard: Send WRITE_PROT bits MSB first (CMD30)
hw/sd/sdcard: Send NUM_WR_BLOCKS bits MSB first (ACMD22)
hw/sd/sdcard: Use READY_FOR_DATA definition instead of magic value
hw/sd/sdcard: Assign SDCardStates enum values
hw/sd/sdcard: Simplify sd_inactive_state handling
hw/sd/sdcard: Restrict SWITCH_FUNCTION to sd_transfer_state (CMD6)
hw/sd/sdcard: Add direct reference to SDProto in SDState
hw/sd/sdcard: Extract sd_blk_len() helper
tests/qtest: Disable npcm7xx_sdhci tests using hardcoded RCA
hw/sd/sdcard: Generate random RCA value
docs/about/deprecated.rst | 6 ++
hw/sd/sdmmc-internal.h | 97 +++++++++++++++++++++
hw/sd/sd.c | 145 ++++++++++++++++++-------------
tests/qtest/npcm7xx_sdhci-test.c | 7 ++
hw/sd/trace-events | 6 +-
5 files changed, 199 insertions(+), 62 deletions(-)
--
2.41.0
5 months, 2 weeks
[PATCH v1] security_manager: Ensure top lock is acquired before nested locks
by hongmianquan
We need to ensure top lock is acquired before nested lock. Otherwise deadlock
issues may arise. We have the stack security driver, which internally manages
other security drivers, we call them "top" and "nested".
We call virSecurityStackPreFork() to lock the top one, and it also locks
and then unlocks the nested drivers prior to fork. Then in qemuSecurityPostFork(),
it unlocks the top one, but not the nested ones. Thus, if one of the nested
drivers ("dac" or "selinux") is still locked, it will cause a deadlock.
We discovered this case: the nested list obtained through the qemuSecurityGetNested()
will be locked for subsequent use, such as in virQEMUDriverCreateCapabilities(),
where the nested list is locked using qemuSecurityGetDOI, but the top one is not locked beforehand.
The problem stack is as follows:
libvirtd thread1 libvirtd thread2 child libvirtd
| | |
| | |
virsh capabilities qemuProcessLanuch |
| | |
| lock top |
| | |
lock nested | |
| | |
| fork------------------->|(held nested lock)
| | |
| | |
unlock nested unlock top unlock top
|
|
qemuSecuritySetSocketLabel
|
|
lock nested (deadlock)
In this commit, we ensure that the top lock is acquired before the nested lock,
so during fork, it's not possible for another task to acquire the nested lock.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1303031
Signed-off-by: hongmianquan <hongmianquan(a)bytedance.com>
---
src/libvirt_private.syms | 3 ++-
src/qemu/qemu_conf.c | 9 ++++++++-
src/qemu/qemu_driver.c | 16 +++++++++-------
src/qemu/qemu_security.h | 2 ++
src/security/security_manager.c | 22 ++++++++++++++++++++++
src/security/security_manager.h | 2 ++
6 files changed, 45 insertions(+), 9 deletions(-)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index bac4a8a366..39cdb90772 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1806,7 +1806,8 @@ virSecurityManagerTransactionAbort;
virSecurityManagerTransactionCommit;
virSecurityManagerTransactionStart;
virSecurityManagerVerify;
-
+virSecurityManagerStackLock;
+virSecurityManagerStackUnlock;
# security/security_util.h
virSecurityXATTRNamespaceDefined;
diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index 4050a82341..21f0739fd5 100644
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -1380,6 +1380,9 @@ virCaps *virQEMUDriverCreateCapabilities(virQEMUDriver *driver)
return NULL;
}
+ /* Ensure top lock is acquired before nested locks */
+ qemuSecurityStackLock(driver->securityManager);
+
/* access sec drivers and create a sec model for each one */
if (!(sec_managers = qemuSecurityGetNested(driver->securityManager)))
return NULL;
@@ -1402,8 +1405,10 @@ virCaps *virQEMUDriverCreateCapabilities(virQEMUDriver *driver)
lbl = qemuSecurityGetBaseLabel(sec_managers[i], virtTypes[j]);
type = virDomainVirtTypeToString(virtTypes[j]);
if (lbl &&
- virCapabilitiesHostSecModelAddBaseLabel(sm, type, lbl) < 0)
+ virCapabilitiesHostSecModelAddBaseLabel(sm, type, lbl) < 0) {
+ qemuSecurityStackUnlock(driver->securityManager);
return NULL;
+ }
}
VIR_DEBUG("Initialized caps for security driver \"%s\" with "
@@ -1412,6 +1417,8 @@ virCaps *virQEMUDriverCreateCapabilities(virQEMUDriver *driver)
caps->host.numa = virCapabilitiesHostNUMANewHost();
caps->host.cpu = virQEMUDriverGetHostCPU(driver);
+
+ qemuSecurityStackUnlock(driver->securityManager);
return g_steal_pointer(&caps);
}
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index fc1704f4fc..c980a0990f 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -560,7 +560,6 @@ qemuStateInitialize(bool privileged,
bool autostart = true;
size_t i;
const char *defsecmodel = NULL;
- g_autofree virSecurityManager **sec_managers = NULL;
g_autoptr(virIdentity) identity = virIdentityGetCurrent();
qemu_driver = g_new0(virQEMUDriver, 1);
@@ -835,11 +834,8 @@ qemuStateInitialize(bool privileged,
if (!qemu_driver->qemuCapsCache)
goto error;
- if (!(sec_managers = qemuSecurityGetNested(qemu_driver->securityManager)))
- goto error;
-
- if (sec_managers[0] != NULL)
- defsecmodel = qemuSecurityGetModel(sec_managers[0]);
+ if (qemu_driver->securityManager != NULL)
+ defsecmodel = qemuSecurityGetModel(qemu_driver->securityManager);
if (!(qemu_driver->xmlopt = virQEMUDriverCreateXMLConf(qemu_driver,
defsecmodel)))
@@ -5663,7 +5659,12 @@ static int qemuDomainGetSecurityLabelList(virDomainPtr dom,
ret = 0;
} else {
int len = 0;
- virSecurityManager ** mgrs = qemuSecurityGetNested(driver->securityManager);
+ virSecurityManager ** mgrs = NULL;
+
+ /* Ensure top lock is acquired before nested locks */
+ qemuSecurityStackLock(driver->securityManager);
+
+ mgrs = qemuSecurityGetNested(driver->securityManager);
if (!mgrs)
goto cleanup;
@@ -5688,6 +5689,7 @@ static int qemuDomainGetSecurityLabelList(virDomainPtr dom,
}
cleanup:
+ qemuSecurityStackUnlock(driver->securityManager);
virDomainObjEndAPI(&vm);
return ret;
}
diff --git a/src/qemu/qemu_security.h b/src/qemu/qemu_security.h
index 41da33debc..19fcb3c939 100644
--- a/src/qemu/qemu_security.h
+++ b/src/qemu/qemu_security.h
@@ -151,3 +151,5 @@ int qemuSecurityCommandRun(virQEMUDriver *driver,
#define qemuSecuritySetTapFDLabel virSecurityManagerSetTapFDLabel
#define qemuSecurityStackAddNested virSecurityManagerStackAddNested
#define qemuSecurityVerify virSecurityManagerVerify
+#define qemuSecurityStackLock virSecurityManagerStackLock
+#define qemuSecurityStackUnlock virSecurityManagerStackUnlock
\ No newline at end of file
diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index 24f2f3d3dc..c49c4f708f 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -989,6 +989,28 @@ virSecurityManagerGetNested(virSecurityManager *mgr)
return list;
}
+/*
+ * Usually called before virSecurityManagerGetNested().
+ * We need to ensure locking the stack security manager before
+ * locking the nested security manager to maintain the correct
+ * synchronization state.
+ * It must be followed by a call virSecurityManagerStackUnlock().
+ */
+void
+virSecurityManagerStackLock(virSecurityManager *mgr)
+{
+ if (STREQ("stack", mgr->drv->name))
+ virObjectLock(mgr);
+}
+
+
+void
+virSecurityManagerStackUnlock(virSecurityManager *mgr)
+{
+ if (STREQ("stack", mgr->drv->name))
+ virObjectUnlock(mgr);
+}
+
/**
* virSecurityManagerDomainSetPathLabel:
diff --git a/src/security/security_manager.h b/src/security/security_manager.h
index a416af3215..bb6d22bc31 100644
--- a/src/security/security_manager.h
+++ b/src/security/security_manager.h
@@ -158,6 +158,8 @@ int virSecurityManagerSetTapFDLabel(virSecurityManager *mgr,
char *virSecurityManagerGetMountOptions(virSecurityManager *mgr,
virDomainDef *vm);
virSecurityManager ** virSecurityManagerGetNested(virSecurityManager *mgr);
+void virSecurityManagerStackLock(virSecurityManager *mgr);
+void virSecurityManagerStackUnlock(virSecurityManager *mgr);
typedef enum {
VIR_SECURITY_DOMAIN_IMAGE_LABEL_BACKING_CHAIN = 1 << 0,
--
2.11.0
5 months, 3 weeks
[PATCH] qemu_domain: Check if driver->domainEventState is NULL
by Rayhan Faizel
Under the test environment, driver->domainEventState is uninitialized. If a
disk gets dropped, it will attempt to queue an event which will cause a
segmentation fault. This crash does not occur during normal use.
This patch adds a quick check to ensure driver->domainEventState is not NULL
along with a testcase exercising the dropping of disks with startupPolicy set
as 'optional'.
Signed-off-by: Rayhan Faizel <rayhan.faizel(a)gmail.com>
---
src/qemu/qemu_domain.c | 3 +-
...tuppolicy-optional-drop.x86_64-latest.args | 33 ++++++++++++++++
...rtuppolicy-optional-drop.x86_64-latest.xml | 38 +++++++++++++++++++
.../disk-startuppolicy-optional-drop.xml | 23 +++++++++++
tests/qemuxmlconftest.c | 2 +
5 files changed, 98 insertions(+), 1 deletion(-)
create mode 100644 tests/qemuxmlconfdata/disk-startuppolicy-optional-drop.x86_64-latest.args
create mode 100644 tests/qemuxmlconfdata/disk-startuppolicy-optional-drop.x86_64-latest.xml
create mode 100644 tests/qemuxmlconfdata/disk-startuppolicy-optional-drop.xml
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 7ba2ea4a5e..109c5bbd52 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -7592,7 +7592,8 @@ qemuDomainCheckRemoveOptionalDisk(virQEMUDriver *driver,
virDomainDiskDefFree(disk);
}
- virObjectEventStateQueue(driver->domainEventState, event);
+ if (driver->domainEventState)
+ virObjectEventStateQueue(driver->domainEventState, event);
}
diff --git a/tests/qemuxmlconfdata/disk-startuppolicy-optional-drop.x86_64-latest.args b/tests/qemuxmlconfdata/disk-startuppolicy-optional-drop.x86_64-latest.args
new file mode 100644
index 0000000000..13ddbc1a5d
--- /dev/null
+++ b/tests/qemuxmlconfdata/disk-startuppolicy-optional-drop.x86_64-latest.args
@@ -0,0 +1,33 @@
+LC_ALL=C \
+PATH=/bin \
+HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1 \
+USER=test \
+LOGNAME=test \
+XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.local/share \
+XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.cache \
+XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \
+/usr/bin/qemu-system-x86_64 \
+-name guest=QEMUGuest1,debug-threads=on \
+-S \
+-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/var/lib/libvirt/qemu/domain--1-QEMUGuest1/master-key.aes"}' \
+-machine pc,usb=off,dump-guest-core=off,memory-backend=pc.ram,acpi=off \
+-accel tcg \
+-cpu qemu64 \
+-m size=219136k \
+-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":224395264}' \
+-overcommit mem-lock=off \
+-smp 1,sockets=1,cores=1,threads=1 \
+-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
+-display none \
+-no-user-config \
+-nodefaults \
+-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \
+-mon chardev=charmonitor,id=monitor,mode=control \
+-rtc base=utc \
+-no-shutdown \
+-boot strict=on \
+-device '{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0x2"}' \
+-device '{"driver":"lsi","id":"scsi0","bus":"pci.0","addr":"0x2"}' \
+-audiodev '{"id":"audio1","driver":"none"}' \
+-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \
+-msg timestamp=on
diff --git a/tests/qemuxmlconfdata/disk-startuppolicy-optional-drop.x86_64-latest.xml b/tests/qemuxmlconfdata/disk-startuppolicy-optional-drop.x86_64-latest.xml
new file mode 100644
index 0000000000..27d0639109
--- /dev/null
+++ b/tests/qemuxmlconfdata/disk-startuppolicy-optional-drop.x86_64-latest.xml
@@ -0,0 +1,38 @@
+<domain type='qemu'>
+ <name>QEMUGuest1</name>
+ <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+ <memory unit='KiB'>219100</memory>
+ <currentMemory unit='KiB'>219100</currentMemory>
+ <vcpu placement='static'>1</vcpu>
+ <os>
+ <type arch='x86_64' machine='pc'>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <cpu mode='custom' match='exact' check='none'>
+ <model fallback='forbid'>qemu64</model>
+ </cpu>
+ <clock offset='utc'/>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>destroy</on_crash>
+ <devices>
+ <emulator>/usr/bin/qemu-system-x86_64</emulator>
+ <disk type='volume' device='disk'>
+ <driver name='qemu'/>
+ <source pool='inactive' volume='inactive' startupPolicy='optional'/>
+ <target dev='sda' bus='scsi'/>
+ <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+ </disk>
+ <controller type='usb' index='0' model='piix3-uhci'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/>
+ </controller>
+ <controller type='pci' index='0' model='pci-root'/>
+ <controller type='scsi' index='0' model='lsilogic'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
+ </controller>
+ <input type='mouse' bus='ps2'/>
+ <input type='keyboard' bus='ps2'/>
+ <audio id='1' type='none'/>
+ <memballoon model='none'/>
+ </devices>
+</domain>
diff --git a/tests/qemuxmlconfdata/disk-startuppolicy-optional-drop.xml b/tests/qemuxmlconfdata/disk-startuppolicy-optional-drop.xml
new file mode 100644
index 0000000000..c6c59978c6
--- /dev/null
+++ b/tests/qemuxmlconfdata/disk-startuppolicy-optional-drop.xml
@@ -0,0 +1,23 @@
+<domain type='qemu'>
+ <name>QEMUGuest1</name>
+ <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+ <memory unit='KiB'>219100</memory>
+ <currentMemory unit='KiB'>219100</currentMemory>
+ <vcpu placement='static'>1</vcpu>
+ <os>
+ <type arch='x86_64' machine='pc'>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <clock offset='utc'/>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>destroy</on_crash>
+ <devices>
+ <emulator>/usr/bin/qemu-system-x86_64</emulator>
+ <disk type='volume' device='disk'>
+ <source pool='inactive' volume='inactive' startupPolicy='optional'/>
+ <target dev='sda'/>
+ </disk>
+ <memballoon model='none'/>
+ </devices>
+</domain>
diff --git a/tests/qemuxmlconftest.c b/tests/qemuxmlconftest.c
index 5700ea314f..16ecc1b7e4 100644
--- a/tests/qemuxmlconftest.c
+++ b/tests/qemuxmlconftest.c
@@ -2986,6 +2986,8 @@ mymain(void)
DO_TEST_CAPS_LATEST("net-usb")
DO_TEST_CAPS_LATEST("sound-device-virtio")
+ DO_TEST_CAPS_LATEST("disk-startuppolicy-optional-drop")
+
/* check that all input files were actually used here */
if (testConfXMLCheck(existingTestCases) < 0)
ret = -1;
--
2.34.1
5 months, 3 weeks
[PATCH v2 00/14] hw: define and enforce a standard lifecycle for versioned machines
by Daniel P. Berrangé
Thomas proposed a new deprecation and removal policy for versioned
machine types that would see them liable for deletion after 6 years:
https://lists.nongnu.org/archive/html/qemu-devel/2024-04/msg04683.html
This suggest was met with broad approval, however, I suggested that we
could take it further and actually mark them deprecated sooner, at the
3 year timeframe, and also fully automate the enablement of the runtime
deprecation warning without developer intervention on every release
cycle.
This series implements my suggestions.
The first patch introduces some helper macros and documents a standard
code pattern for defining versioned machine types across targets.
The next 6 patches convert existing targets with versioned machine
types (arm, s390x, ppc, m68k, i386) to use the new helper macros and
code patterns.
A further patch introduces some helper macros for automating the
handling of deprecation and deletion of versioned machine types.
Two more patches then enable the deprecation and deletion logic
across all versioned machines
Finally we do some cleanup and document the new policy.
........a tangent about VERSION file handling.......
One oddity here, is that during the development and release
candidate phases the automatic logic in this series has an off-by-1
error.
This is because when we, for example, add the "9.1" machine type
versions, the VERSION file is still reporting '9.0.50', and then
'9.0.9{1,2,3,4}'.
IOW, during development and in rc candidates, we fail to deprecate
and delete 1 machine type. We should already have deprecated the
6.1 machine types, but the most recently deprecated is 6.0.
This is pretty harmless since the final release does the right
thing.
I wonder, however, whether we would benefit from changing how we
update the VERSION file.
eg instead of re-using the micro digit to indicate a dev or rc
snapshot, represent those explicitly. eg "9.1.0-dev" and
"9.1.0-rc1", "9.1.0-rc2", etc in VERSION.
We don't use the full QEMU_VERSION in the code in all that many
places. It appears in some help messages for command line tools,
and in QMP query-version response, and in a few other misc places.
At a glance it appears all of those places would easily handle a
tagged version.
For release candidates in particular I think it would be saner
to show the user the actual version the release is about to become,
rather than the previous release's version. This would make the
reported version match the rc tarball naming too which would be
nice.
Anyway, this isn't a blocker for this machine type versioning
proposal, just a thought....
Changed in v2:
- Various docs improvements and minor fixes from original
review
- Rebased and resolved conflicts with Philippe's merged
series
Daniel P. Berrangé (14):
include/hw: add helpers for defining versioned machine types
hw/arm: convert 'virt' machine definitions to use new macros
hw/s390x: convert 'ccw' machine definitions to use new macros
hw/ppc: convert 'spapr' machine definitions to use new macros
hw/m68k: convert 'virt' machine definitions to use new macros
hw/i386: convert 'i440fx' machine definitions to use new macros
hw/i386: convert 'q35' machine definitions to use new macros
include/hw: add macros for deprecation & removal of versioned machines
include/hw: temporarily disable deletion of versioned machine types
hw: set deprecation info for all versioned machine types
hw: skip registration of outdated versioned machine types
hw/ppc: remove obsolete manual deprecation reason string of spapr
machines
hw/i386: remove obsolete manual deprecation reason string of i440fx
machines
docs: document special exception for machine type deprecation &
removal
docs/about/deprecated.rst | 13 ++
hw/arm/virt.c | 30 ++--
hw/i386/pc_piix.c | 220 ++++++++++++---------------
hw/i386/pc_q35.c | 215 +++++++++++---------------
hw/m68k/virt.c | 53 ++++---
hw/ppc/spapr.c | 96 ++++++------
hw/s390x/s390-virtio-ccw.c | 98 ++++++------
include/hw/boards.h | 298 +++++++++++++++++++++++++++++++++++++
include/hw/i386/pc.h | 28 ++++
9 files changed, 681 insertions(+), 370 deletions(-)
--
2.43.0
5 months, 3 weeks
[PATCH 0/8] ch: support restore with network devices
by Purna Pavan Chandra
Current ch driver supports restore only for domains without any network
configuration defined. This was because libvirt explicitly passes network fds
and CH did not had support to restore with new net FDS. This support has been
added recently, https://github.com/cloud-hypervisor/cloud-hypervisor/pull/6402
The changes in this patch series majorly include moving to socket communication
for restore api, create new net fds and pass them via SCM_RIGHTS to CH.
Purna Pavan Chandra (8):
ch: report response message instead of just code
ch: Pass net ids explicitly during vm creation
ch: refactor chProcessAddNetworkDevices
ch: poll with -1 in chSocketRecv
ch: use monitor socket fd to send restore request
ch: refactor virCHMonitorSaveVM
ch: support restore with net devices
ch: kill CH process if restore fails
src/ch/ch_driver.c | 9 +-
src/ch/ch_monitor.c | 62 +++++++-----
src/ch/ch_monitor.h | 6 +-
src/ch/ch_process.c | 225 ++++++++++++++++++++++++++++++++++----------
4 files changed, 223 insertions(+), 79 deletions(-)
--
2.34.1
6 months
[PATCH 0/8] Report 'passt' support in domain capabilities
by Michal Privoznik
There are some distributions that consider switching from SLIRP to just
passt. While libvirt wires no defaults and leaves this kind of
decisions onto upper layers, it can help mgmt apps do the decision by
reporting passt support in domain capabilities.
Michal Prívozník (8):
libvirt_private.syms: Export virDomainNetBackendType enum handlers
qemu_capabilities: Introduce QEMU_CAPS_NETDEV_USER
qemu_validate: Validate net backends against QEMU caps
domain_capabilities: Introduce netdev capabilities
qemu_capabilities: Fill supported net backend types
conf: Accept 'default' backend type for <interface type='user'/>
qemu_validate: Use domaincaps to validate supported net backend type
qemu_domain: Set 'passt' net backend if 'default' is unsupported
docs/formatdomaincaps.rst | 25 +++++++++++++++++++
src/conf/domain_capabilities.c | 13 ++++++++++
src/conf/domain_capabilities.h | 8 ++++++
src/conf/domain_conf.c | 5 +++-
src/conf/schemas/domaincaps.rng | 10 ++++++++
src/conf/schemas/domaincommon.rng | 1 +
src/libvirt_private.syms | 2 ++
src/qemu/qemu_capabilities.c | 23 +++++++++++++++++
src/qemu/qemu_capabilities.h | 4 +++
src/qemu/qemu_domain.c | 19 +++++++++++---
src/qemu/qemu_validate.c | 14 ++++++++---
.../domaincapsdata/qemu_4.2.0-q35.x86_64.xml | 5 ++++
.../domaincapsdata/qemu_4.2.0-tcg.x86_64.xml | 5 ++++
.../qemu_4.2.0-virt.aarch64.xml | 5 ++++
tests/domaincapsdata/qemu_4.2.0.aarch64.xml | 5 ++++
tests/domaincapsdata/qemu_4.2.0.ppc64.xml | 5 ++++
tests/domaincapsdata/qemu_4.2.0.s390x.xml | 5 ++++
tests/domaincapsdata/qemu_4.2.0.x86_64.xml | 5 ++++
.../domaincapsdata/qemu_5.0.0-q35.x86_64.xml | 5 ++++
.../qemu_5.0.0-tcg-virt.riscv64.xml | 5 ++++
.../domaincapsdata/qemu_5.0.0-tcg.x86_64.xml | 5 ++++
.../qemu_5.0.0-virt.aarch64.xml | 5 ++++
.../qemu_5.0.0-virt.riscv64.xml | 5 ++++
tests/domaincapsdata/qemu_5.0.0.aarch64.xml | 5 ++++
tests/domaincapsdata/qemu_5.0.0.ppc64.xml | 5 ++++
tests/domaincapsdata/qemu_5.0.0.x86_64.xml | 5 ++++
.../domaincapsdata/qemu_5.1.0-q35.x86_64.xml | 5 ++++
.../domaincapsdata/qemu_5.1.0-tcg.x86_64.xml | 5 ++++
tests/domaincapsdata/qemu_5.1.0.sparc.xml | 5 ++++
tests/domaincapsdata/qemu_5.1.0.x86_64.xml | 5 ++++
.../domaincapsdata/qemu_5.2.0-q35.x86_64.xml | 5 ++++
.../qemu_5.2.0-tcg-virt.riscv64.xml | 5 ++++
.../domaincapsdata/qemu_5.2.0-tcg.x86_64.xml | 5 ++++
.../qemu_5.2.0-virt.aarch64.xml | 5 ++++
.../qemu_5.2.0-virt.riscv64.xml | 5 ++++
tests/domaincapsdata/qemu_5.2.0.aarch64.xml | 5 ++++
tests/domaincapsdata/qemu_5.2.0.ppc64.xml | 5 ++++
tests/domaincapsdata/qemu_5.2.0.s390x.xml | 5 ++++
tests/domaincapsdata/qemu_5.2.0.x86_64.xml | 5 ++++
.../domaincapsdata/qemu_6.0.0-q35.x86_64.xml | 5 ++++
.../domaincapsdata/qemu_6.0.0-tcg.x86_64.xml | 5 ++++
.../qemu_6.0.0-virt.aarch64.xml | 5 ++++
tests/domaincapsdata/qemu_6.0.0.aarch64.xml | 5 ++++
tests/domaincapsdata/qemu_6.0.0.s390x.xml | 5 ++++
tests/domaincapsdata/qemu_6.0.0.x86_64.xml | 5 ++++
.../domaincapsdata/qemu_6.1.0-q35.x86_64.xml | 5 ++++
.../domaincapsdata/qemu_6.1.0-tcg.x86_64.xml | 5 ++++
tests/domaincapsdata/qemu_6.1.0.x86_64.xml | 5 ++++
.../domaincapsdata/qemu_6.2.0-q35.x86_64.xml | 5 ++++
.../domaincapsdata/qemu_6.2.0-tcg.x86_64.xml | 5 ++++
.../qemu_6.2.0-virt.aarch64.xml | 5 ++++
tests/domaincapsdata/qemu_6.2.0.aarch64.xml | 5 ++++
tests/domaincapsdata/qemu_6.2.0.ppc64.xml | 5 ++++
tests/domaincapsdata/qemu_6.2.0.x86_64.xml | 5 ++++
.../qemu_7.0.0-hvf.aarch64+hvf.xml | 5 ++++
.../domaincapsdata/qemu_7.0.0-q35.x86_64.xml | 5 ++++
.../domaincapsdata/qemu_7.0.0-tcg.x86_64.xml | 5 ++++
.../qemu_7.0.0-virt.aarch64.xml | 5 ++++
tests/domaincapsdata/qemu_7.0.0.aarch64.xml | 5 ++++
tests/domaincapsdata/qemu_7.0.0.ppc64.xml | 5 ++++
tests/domaincapsdata/qemu_7.0.0.x86_64.xml | 5 ++++
.../domaincapsdata/qemu_7.1.0-q35.x86_64.xml | 5 ++++
.../domaincapsdata/qemu_7.1.0-tcg.x86_64.xml | 5 ++++
tests/domaincapsdata/qemu_7.1.0.ppc64.xml | 5 ++++
tests/domaincapsdata/qemu_7.1.0.x86_64.xml | 5 ++++
.../qemu_7.2.0-hvf.x86_64+hvf.xml | 6 +++++
.../domaincapsdata/qemu_7.2.0-q35.x86_64.xml | 6 +++++
.../qemu_7.2.0-tcg.x86_64+hvf.xml | 6 +++++
.../domaincapsdata/qemu_7.2.0-tcg.x86_64.xml | 6 +++++
tests/domaincapsdata/qemu_7.2.0.ppc.xml | 6 +++++
tests/domaincapsdata/qemu_7.2.0.x86_64.xml | 6 +++++
.../domaincapsdata/qemu_8.0.0-q35.x86_64.xml | 6 +++++
.../qemu_8.0.0-tcg-virt.riscv64.xml | 6 +++++
.../domaincapsdata/qemu_8.0.0-tcg.x86_64.xml | 6 +++++
.../qemu_8.0.0-virt.riscv64.xml | 6 +++++
tests/domaincapsdata/qemu_8.0.0.x86_64.xml | 6 +++++
.../domaincapsdata/qemu_8.1.0-q35.x86_64.xml | 6 +++++
.../domaincapsdata/qemu_8.1.0-tcg.x86_64.xml | 6 +++++
tests/domaincapsdata/qemu_8.1.0.s390x.xml | 6 +++++
tests/domaincapsdata/qemu_8.1.0.x86_64.xml | 6 +++++
.../domaincapsdata/qemu_8.2.0-q35.x86_64.xml | 6 +++++
.../qemu_8.2.0-tcg-virt.loongarch64.xml | 6 +++++
.../domaincapsdata/qemu_8.2.0-tcg.x86_64.xml | 6 +++++
.../qemu_8.2.0-virt.aarch64.xml | 6 +++++
.../qemu_8.2.0-virt.loongarch64.xml | 6 +++++
tests/domaincapsdata/qemu_8.2.0.aarch64.xml | 6 +++++
tests/domaincapsdata/qemu_8.2.0.armv7l.xml | 6 +++++
tests/domaincapsdata/qemu_8.2.0.s390x.xml | 6 +++++
tests/domaincapsdata/qemu_8.2.0.x86_64.xml | 6 +++++
.../domaincapsdata/qemu_9.0.0-q35.x86_64.xml | 6 +++++
.../domaincapsdata/qemu_9.0.0-tcg.x86_64.xml | 6 +++++
tests/domaincapsdata/qemu_9.0.0.x86_64.xml | 6 +++++
.../domaincapsdata/qemu_9.1.0-q35.x86_64.xml | 6 +++++
.../domaincapsdata/qemu_9.1.0-tcg.x86_64.xml | 6 +++++
tests/domaincapsdata/qemu_9.1.0.x86_64.xml | 6 +++++
.../caps_4.2.0_aarch64.xml | 1 +
.../qemucapabilitiesdata/caps_4.2.0_ppc64.xml | 1 +
.../qemucapabilitiesdata/caps_4.2.0_s390x.xml | 1 +
.../caps_4.2.0_x86_64.xml | 1 +
.../caps_5.0.0_aarch64.xml | 1 +
.../qemucapabilitiesdata/caps_5.0.0_ppc64.xml | 1 +
.../caps_5.0.0_riscv64.xml | 1 +
.../caps_5.0.0_x86_64.xml | 1 +
.../qemucapabilitiesdata/caps_5.1.0_sparc.xml | 1 +
.../caps_5.1.0_x86_64.xml | 1 +
.../caps_5.2.0_aarch64.xml | 1 +
.../qemucapabilitiesdata/caps_5.2.0_ppc64.xml | 1 +
.../caps_5.2.0_riscv64.xml | 1 +
.../qemucapabilitiesdata/caps_5.2.0_s390x.xml | 1 +
.../caps_5.2.0_x86_64.xml | 1 +
.../caps_6.0.0_aarch64.xml | 1 +
.../qemucapabilitiesdata/caps_6.0.0_s390x.xml | 1 +
.../caps_6.0.0_x86_64.xml | 1 +
.../caps_6.1.0_x86_64.xml | 1 +
.../caps_6.2.0_aarch64.xml | 1 +
.../qemucapabilitiesdata/caps_6.2.0_ppc64.xml | 1 +
.../caps_6.2.0_x86_64.xml | 1 +
.../caps_7.0.0_aarch64+hvf.xml | 1 +
.../caps_7.0.0_aarch64.xml | 1 +
.../qemucapabilitiesdata/caps_7.0.0_ppc64.xml | 1 +
.../caps_7.0.0_x86_64.xml | 1 +
.../qemucapabilitiesdata/caps_7.1.0_ppc64.xml | 1 +
.../caps_7.1.0_x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_7.2.0_ppc.xml | 1 +
.../caps_7.2.0_x86_64+hvf.xml | 1 +
.../caps_7.2.0_x86_64.xml | 1 +
.../caps_8.0.0_riscv64.xml | 1 +
.../caps_8.0.0_x86_64.xml | 1 +
.../qemucapabilitiesdata/caps_8.1.0_s390x.xml | 1 +
.../caps_8.1.0_x86_64.xml | 1 +
.../caps_8.2.0_aarch64.xml | 1 +
.../caps_8.2.0_armv7l.xml | 1 +
.../caps_8.2.0_loongarch64.xml | 1 +
.../qemucapabilitiesdata/caps_8.2.0_s390x.xml | 1 +
.../caps_8.2.0_x86_64.xml | 1 +
.../caps_9.0.0_x86_64.xml | 1 +
.../caps_9.1.0_x86_64.xml | 1 +
137 files changed, 608 insertions(+), 8 deletions(-)
--
2.44.2
6 months
[PATCH] qemuDomainChangeNet: forbid changing portgroup
by Adam Julis
While changing the portgroup attribute causes incorrect
behavior, this option is disabled for hot-plug.
Resolves: https://issues.redhat.com/browse/RHEL-7299
Signed-off-by: Adam Julis <ajulis(a)redhat.com>
---
src/qemu/qemu_hotplug.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 4a3f4f657e..355f742535 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -3884,6 +3884,13 @@ qemuDomainChangeNet(virQEMUDriver *driver,
goto cleanup;
}
+ if (newdev->type == VIR_DOMAIN_NET_TYPE_NETWORK &&
+ STRNEQ_NULLABLE(olddev->data.network.portgroup, newdev->data.network.portgroup)) {
+ virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
+ _("cannot modify network device portgroup attribute"));
+ goto cleanup;
+ }
+
/* allocate new actual device to compare to old - we will need to
* free it if we fail for any reason
*/
--
2.45.2
6 months